package com.wxap.client;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Security;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;


public class SSLContextFactory {
	 /**                                                                                                                                                                           
	  * Protocol to use.                                                                                                                                                
	  */                                                                                                                                                                           
	 private static final String PROTOCOL = "SSL";                                                                                              
	                                                                                                                                                                                
	 private static final String KEY_MANAGER_FACTORY_ALGORITHM;                                                    
	                                                                                                                                                                                
	 static {                                                                                                                                                                   
	     String algorithm = Security                                                                                                                            
	             .getProperty("ssl.KeyManagerFactory.algorithm");                                                                            
	     if (algorithm == null) {                                                                                                                                      
	         algorithm = KeyManagerFactory.getDefaultAlgorithm();                                                                        
	     }                                                                                                                                                                         
	                                                                                                                                                                                
	     KEY_MANAGER_FACTORY_ALGORITHM = algorithm;                                                                       
	 }                                                                                                                                                                             
	                                                                                                                                                                                
	 /**                                                                                                                                                                           
	  * 证书地址                                                                                             
	  */                                                                                                                                                                           
	 private static final String BOGUS_KEYSTORE = "wx.jks";                                                                  
	                                                                                                                                                                                
	 // NOTE: The keystore was generated using keytool:                                                                                    
	 //   keytool -genkey -alias bogus -keysize 512 -validity 3650                                                                         
	 //           -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,                                                                     
	 //               O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"                                                                     
	 //           -keypass boguspw -storepass boguspw -keystore bogus.cert                                                       
	                                                                                                                                                                                
	 /**                                                                                                                                                                           
	  * Bougus keystore password.                                                                                                                          
	  */                                                                                                                                                                           
	 private static final char[] BOGUS_PW = 
		 "wx".toCharArray();//                                                             
	                                                                                                                                                                                
	 private static SSLContext serverInstance = null;                                                                                           
	                                                                                                                                                                                
	 private static SSLContext clientInstance = null;                                                                                             
	                                                                                                                                                                                
	 /**                                                                                                                                                                           
	  * Get SSLContext singleton.                                                                                                                            
	  *                                                                                                                                                                            
	  * @return SSLContext                                                                                                                                      
	  * @throws java.security.GeneralSecurityException                                                                                      
	  *                                                                                                                                                                            
	  */                                                                                                                                                                           
	 public static SSLContext getInstance(boolean server)                                                                                 
	         throws GeneralSecurityException {                                                                                                          
	     SSLContext retInstance = null;                                                                                                                     
	     if (server) {                                                                                                                                                        
	         synchronized(SSLContextFactory.class) {                                                                                     
	             if (serverInstance == null) {                                                                                                                    
	                 try {                                                                                                                                                        
	                     serverInstance = createBougusServerSslContext();                                                                 
	                 } catch (Exception ioe) {                                                                                                                     
	                     throw new GeneralSecurityException(                                                                                        
	                             "Can't create Server SSLContext:" + ioe);                                                                          
	                 }                                                                                                                                                             
	             }                                                                                                                                                                 
	         }                                                                                                                                                                     
	         retInstance = serverInstance;                                                                                                                   
	     } else {                                                                                                                                                               
	         synchronized (SSLContextFactory.class) {                                                                                    
	             if (clientInstance == null) { 
	            	  try { 
	                   clientInstance = createBougusClientSslContext1();
	            	  } catch (Exception ioe) {                                                                                                                     
		                     throw new GeneralSecurityException(                                                                                        
		                             "Can't create Client SSLContext:" + ioe);                                                                          
		                 }  
	               }                                                                                                                                                                
	           }                                                                                                                                                                    
	           retInstance = clientInstance;                                                                                                                   
	       }                                                                                                                                                                        
	       return retInstance;                                                                                                                                         
	   }                                                                                                                                                                            
	                                                                                                                                                                                
	   private static SSLContext createBougusServerSslContext()                                                                     
	           throws GeneralSecurityException, IOException {                                                                                 
	       // Create keystore                                                                                                                                          
	       KeyStore ks = KeyStore.getInstance("JKS");                                                                                            
	       InputStream in = null;                                                                                                                                    
	       try {    
	    	  in =  SSLContextFactory.class.getClassLoader().getResourceAsStream(BOGUS_KEYSTORE );
//	    	  System.out.println(in.read());
//	    	  
//	    	   File ff = new File(  BOGUS_KEYSTORE);
//	    	   System.out.println(ff.exists());
//	           in = new FileInputStream(ff);
//	        	   SSLContextFactory.class                                                                                                        
//	                   .getResourceAsStream(BOGUS_KEYSTORE);                                                                         
	           ks.load(in, BOGUS_PW);                                                                                                                         
	       } finally {                                                                                                                                                           
	           if (in != null) {                                                                                                                                               
	               try {                                                                                                                                                           
	                   in.close();                                                                                                                                             
	               } catch (IOException ignored) {                                                                                                            
	               }                                                                                                                                                                
	           }                                                                                                                                                                    
	       }                                                                                                                                                                        
	                                                                                                                                                                                  
	       // Set up key manager factory to use our key store    
	       KeyManagerFactory kmf = KeyManagerFactory                                                                                       
	               .getInstance(KEY_MANAGER_FACTORY_ALGORITHM);                                                         
	       kmf.init(ks, BOGUS_PW);                                                                                                                            
	                                                                                                                                                                                
	       // Initialize the SSLContext to work with our key managers.                                                                    
	       SSLContext sslContext = SSLContext.getInstance(PROTOCOL);                                                       
	       sslContext.init(kmf.getKeyManagers(),                                                                                                       
	    		  null, null);         
	                                                                                                                                                                                
	       return sslContext;                                                                                                                                          
	   }                                                                                                                                                                            
	        
	 
	       
	   
	   private static SSLContext createBougusClientSslContext1()                                                                       
	           throws GeneralSecurityException, IOException {  
		   
		   KeyStore ks = KeyStore.getInstance("JKS");                                                                                            
	       InputStream in = null;                                                                                                                                    
	       try {                                                                                                                                                                   
	    	   in =  SSLContextFactory.class.getClassLoader().getResourceAsStream(BOGUS_KEYSTORE );                                                                  
	           ks.load(in, BOGUS_PW);                                                                                                                         
	       } finally {                                                                                                                                                           
	           if (in != null) {                                                                                                                                               
	               try {                                                                                                                                                           
	                   in.close();                                                                                                                                             
	               } catch (IOException ignored) {                                                                                                            
	               }                                                                                                                                                                
	           }                                                                                                                                                                    
	       }                               
		   
	     


	       
	       
	       TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
	       tmf.init(ks);                                                      
	       SSLContext context = SSLContext.getInstance(PROTOCOL);                                                             
	       context.init(null	 ,tmf.getTrustManagers(), null);                                             
	       return context;                                                                                                                                                
	   }                                                                                                                                                                            

}
